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DETAILED ACTION 

Claims 1-20 are pending. 

Information Disclosure Statement 

Document 2780797 listed in the IDS submitted on 3/9/2004 was not considered 
because it does not comply with 37 CFR 1 .98(a)(3). 

Specification 

The disclosure is objected to because of the following informalities: In paragraph 
22, line 9, "fro" should be "for". 

Appropriate correction is required. 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

Claims 1,3-6, 9, 11-13, 15, and 17-19 are rejected under 35 U.S.C. 102(b) as 
being anticipated by Worth (US 5,881 ,225). 
Claims 1, 9, and 15: 

As per claim 1 , Worth discloses: 
1 . Receiving login information from the user (Fig 2A, steps 24 and 28), the login 

information including the first username (col 3, lines 2-5 and col 4, lines 1-3), an 

alternate class (col 2, lines 50-54 and col 6, lines 33-42), and a password (col 3, 
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lines 2-5 and col 4, lines 1-3). The examiner considers Worth's disclosed roles 
as being equivalent to the claimed first class and alternate class of the user. In 
the cited portions, when a user logs onto the system, the user enters his/her user 
id and password and selects a first role for the particular login session. Cited 
column 6, lines 33-42 further indicates that the user can also choose an alternate 
role/class after logging in. 

2. Authenticating the user based on the first username and the password (Fig 2A, 
step 26). 

3. Providing access to the computer system as the alternate class (col 4, line 66-col 
5, line 4 and col 6, lines 33-48). The user's role at any particular moment is used 
to determine what privileges are given to the user, what functionalities the user 
has and which data the user is allowed to view. When the user switches role as 
discussed in the cited sections, one would expect that access to the computer 
system would be provided according to the new role. 

4. Wherein the alternate class is different than the first class (col 6, lines 33-42). 

Claim 9 is directed towards a computer program product comprising a storage 
medium readable by a processing circuit and storing instructions for execution by the 
processing circuit for performing the method of claim 1 and is rejected for similar 
reasons as claim 1 . Since Worth invention is implemented via a computer system, a 
computer program product comprising a storage medium as recited in claim 9 is 
inherent to Worth's invention. 
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Claim 15 is directed towards a system having an interface and processor for 
performing the method of claim 1 and is rejected for similar reasons as claim 1 . Since 
the user is able to enter his/her user id and password in Worth's invention, this implies 
there being an interface receiving login information from the user as claimed. Since 
Worth's invention is implemented using a computer system (col 2, lines 45-49), it has a 
processor as claimed since all computer systems have processors. 
Claims 3, 11, and 17: 

Worth further discloses wherein the processor verifies that the user is authorized 
to be provided access to the computer system as the alternate class (col 6, lines 33-42), 
wherein the step of providing access to the computer system as the alternate class is 
only performed if the user's authorization is verified (col 6, lines 38-42 and Fig 2A). 
Claim 4: 

Worth further discloses wherein the verifying step includes the sub-step of 
looking up the first username in an identity switching authorization table (col 6, lines 33- 
42). 

Claims 5, 12, and 18: 

Worth further discloses wherein the providing step includes the sub-step of the 
processor providing the user with a user interface of the alternate class after login (col 
6, lines 33-49). 
Claims 6, 13, and 19: 

Worth further discloses wherein in the providing step the processor provides the 
user with the experience of a user in the alternate class (col 6, lines 33-49). 
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Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Note that it is determined that a person of ordinary skill in the art would be 
someone having a BS in Computer Science (or someone with equivalent industry 
experience). 

Claims 2, 7, 10, 14, 16, and 20 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Worth (US 5,881 ,225) in view of Numano (US 7,194,631 ). 
Claims 2, 10, and 16: 

Worth disclose all the limitations of claims 1, 9, and 15. Worth does not explicitly 
disclose wherein the login information further includes a second username, and in the 
providing step, access to the computer system is provided (by the processor) with the 
rights and privileges of the second username. 

However, recall that privileges in Worth's invention are determined by the user's 
role (col 5, lines 1-4). Further, Numano discloses an invention which allows for user 
switching (col 1 , lines 60-63), wherein a first user having a first username and password 
(col 4, lines 36-40) switches to a second user by providing login information including a 
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second user name and password (col 6, lines 1-12). Once, the second username and 
password has been authenticated, access to the computer system is provided by a 
processor with the rights and privileges of the second username (col 5, lines 57-67; col 
7, lines 11-17; and col 8, lines 40-47). Note that in the user switching example which 
spans columns 6-7 of Numano, a switch from a user having a role/class of 
"administrator" to one having a role/class of "user" is performed. After the switch, 
access to the computer system is given with the rights and privileges of the "user" class. 
Note that the user switching performed by Numano also results in a role switch. 

From Numano's teachings, it would have been obvious to one of ordinary skill in 
the art to modify Worth's invention according to the limitations recited in claims 2, 10, 
and 16 such that instead of merely choosing a second role as taught by Worth, to switch 
to the second role, one provided a second username with the login information and in 
the providing step, access to the computer system is provided by the processor with the 
rights and privileges of the second username. Both Worth and Numano's invention are 
concerned with controlling functional access to a computer system. As per KSR v. 
Teleflex (Supreme Court, 2006), simple substitution of one known element for another 
to obtain predicable result is obvious. In this case, the invention recited in claims 2, 10, 
and 1 6 is the obvious result of substituting Numano's user and role switching method in 
place of Worth's role switching method. 
Claims 7, 14, and 20: 

Worth disclose all the limitations of claims 1, 9, and 15. Worth does not explicitly 
disclose wherein in the receiving interface/step, the first username and alternate class 
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are entered into a singled data field so that identity switching is accomplished in one 
user step. 

However, a first username and alternate class are types of login information. 
Numano discloses a receiving interface (Fig 2, item 51 1 ; Fig 3, item 51 1 ; and Fig 4, item 
51 1) which allows all the login information (i.e. user name and password) to be entered 
into a single data field (i.e. login GUI 511) so that identity switching is accomplished in 
one user step. One skilled in the art having common sense and creativity would have 
found it obvious to apply Numano's teachings to other types of login information other 
than just usernames and passwords. 

At the time applicant's invention was made, it would have been obvious to one 
skilled in the art to modify Worth's invention using Numano's teachings such that when 
performing identity/role switching, all user information such as the first username and 
alternate class was entered into a single data field so that identity switching is 
accomplished in only one user step. It would have been obvious to one skilled to do so 
because entering all user information into a single data field for identity/role switching 
would allow for faster identity/role switching. 

Claim 8 is rejected under 35 U.S.C. 103(a) as being unpatentable over Worth 
(US 5,881 ,225) in view of He et al (US 6,088,451 ). 
Claim 8: 
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Worth disclose all the limitations of claims 1, 9, and 15. Worth does not explicitly 
disclose the step of recording an audit trail that includes at least some of the actions 
performed by the first user, the audit trail including the first username. However, He 
discloses the limitation (col 10, line 49-col 11, line 6 and col 23, lines 30-36). 

At the time applicant's invention was made, it would have been obvious to one 
skilled in the art to modify Worth's invention according to the limitations recited in claim 
8 in light of He's teachings. One skilled would have been motivated to do so because 
use of auditing as taught by He would provide means for detecting malicious attempts to 
circumvent security mechanisms (He: col 10, lines 49-52). 



Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to PONNOREAY PICH whose telephone number is 
(571)272-7962. The examiner can normally be reached on 9:00am-4:30pm Mon-Thurs. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on 571-272-3859. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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